<!--#include file="lib/utf-8.asp"-->
<!--#include file="lib/conn.asp"-->
<!--#include file="lib/saferequest.asp"-->
<%
Response.ContentType = "application/json"
logout=saferequest("logout",0)
if logout="logout" then
	session.abandon
Else
	If Session("MM_Reg") Then
		response.write("{login:true,usr:"""&Session("MM_Username")&""",flag:"&Session("MM_Flag")&"}")
	else
		user=saferequest("usr",0)
		pass=saferequest("psw",0)
		sql="select * from yh where user='"&user&"' and pass='"&pass&"'"
		'response.write(sql)
		'response.end
		set rs = Server.CreateObject("ADODB.Recordset")
		rs.open sql,conn,1,1
		if not rs.eof then
			Session("MM_ID")=rs("id")
			Session("MM_Username")=rs("user")
			Session("MM_Flag")=rs("flag")
			Session("MM_Reg")=true
			Session("MM_Freight")=true
			Session("MM_Post")=rs("post")
			Session("MM_Name")=rs("name")
			session.TimeOut=60
			response.write("{login:true,usr:"""&rs("user")&""",flag:"&rs("flag")&"}")
		else
			response.write("{login:false}")
		end if
		rs.close
		set rs=Nothing
	End If
end if
conn.close
set conn=nothing
%>
